Skip to content

demwick/polymarket-agent-mcp

v1.5.2 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 1mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Topics

ai-agent ai-trading anthropic blockchain claude copy-trading
+11 more
defi mcp mcp-server model-context-protocol polymarket portfolio-management prediction-markets smart-money trading typescript websocket

Affected surfaces

auth rbac

Summary

AI summary

Removed the insecure curl‑pipe‑to‑bash installation method.

Full changelog

What's Changed

  • chore: trigger scorecard rescan after branch protection by @demwick in https://github.com/demwick/polymarket-trader-mcp/pull/8
  • Create CODE_OF_CONDUCT.md by @demwick in https://github.com/demwick/polymarket-trader-mcp/pull/9
  • chore: add community templates and expand npm keywords by @demwick in https://github.com/demwick/polymarket-trader-mcp/pull/10
  • security: add permissions manifest and eliminate false positives by @demwick in https://github.com/demwick/polymarket-trader-mcp/pull/11
  • security: remove curl-pipe-to-bash install method by @demwick in https://github.com/demwick/polymarket-trader-mcp/pull/12

New Contributors

  • @demwick made their first contribution in https://github.com/demwick/polymarket-trader-mcp/pull/8

Full Changelog: https://github.com/demwick/polymarket-trader-mcp/compare/v1.5.1...v1.5.2

Breaking Changes

  • Removed curl-pipe-to-bash install method

Security Fixes

  • Eliminated false positives by adding permissions manifest
  • Removed insecure curl-pipe-to-bash installation method
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track demwick/polymarket-agent-mcp

Get notified when new releases ship.

Sign up free

About demwick/polymarket-agent-mcp

49-tool Polymarket prediction market suite for AI agents. Direct trading, smart money flow detection, copy trading with auto-monitor, backtesting, arbitrage scanning, portfolio optimization, and real-time WebSocket price streaming. Preview mode for simulation, live mode for real orders.

All releases →

Related context

Beta — feedback welcome: [email protected]